-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Jan 27, 2008, at 2:27 PM, Martin v. Löwis wrote:
Along with the release of 2.5.2, I would also like to release new versions of 2.3 and 2.4. These will be security-only releases, and include a few security-relevant bug fixes that are still being finalized.
As we don't have the infrastructure to produce full releases of 2.3 or 2.4 anymore, this will be a source release only. As such, it will likely see less testing than other releases, and users will have more difficulties in obtaining the software for their system - the releases will be targeted primarily at system vendors who can chose to include them as security patches in their system updates.
If the intent is really to do a source-only releases mostly for system vendors, then I don't see the harm in leaving those changes in. I mean, a vendor is going to cherry pick the ones they want anyway, so let's just make it easy for them to do this. That might mean publishing the svn logs a long with the source release, or publishing each diff and log message separately.
I would be bummed to rollback the email package changes.